exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2020-04-24

Linux/x86 Egghunter Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

39 bytes small Linux/x86 egghunter null-free shellcode. The egghunter dynamically searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs.

tags | x86, shellcode
systems | linux
SHA-256 | f15f64c0d4291382054a30e3697719a38ea41de5b89587531e1baff5818409e8
Linux/x86 Reverse Shell Generator Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

80 bytes small Linux/x86 reverse shell generator shellcode with customizable TCP port and IP address.

tags | shell, x86, tcp, shellcode
systems | linux
SHA-256 | b6288f9069a67ab9a6e3d01fe3b23d7615e89b3fbb4002b6507be11140b269ff
Linux/x86 Dynamic MMX+FPU Encoded Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

155 bytes small Linux/x86 shellcode that has a MMX stub decoder that dynamically decodes the payload in memory. The FPU GetPC technique is used to determine the offset from EIP dynamically in running memory. Once decoded. this shellcode adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
SHA-256 | d72edd6daaf006feaf82398a3b67d4281ff9258ee56eeaedca56c7d0ab3e4980
URLCrazy Domain Name Typo Tool 0.7.1
Posted Apr 24, 2020
Authored by Andrew Horton | Site github.com

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.

Changes: Added --debug to show debugging output for development. No longer requires pry gem unless debugging. Checks for a low ulimit and shows a warning.
tags | tool, web
systems | unix
SHA-256 | 7f0f74c0f7cca19b89445bbdc168cdb6604de03bba13061be360561afade6290
Linux/x86 Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

107 bytes small Linux/x86 shellcode that adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
SHA-256 | e9483cceb2d45bc3e4c29c88655dc4a6e6bcedc432d98e81e5ab936189311836
Linux/x64_86 ROL Encoded Execve Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

57 bytes small Linux/x64_86 /bin/bash shellcode. The stub decodes the ROL Encoded shellcode. When the stub has finished decoding the payload, execution control is passed to the payload.

tags | shellcode, bash
systems | linux
SHA-256 | 0b2a9ee02c0b7d0258cad51519bebf538bc5adf11a6b79a09c2f9a31449092a7
Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution
Posted Apr 24, 2020
Authored by LiquidWorm | Site zeroscience.mk

Furukawa Electric ConsciusMAP version 2.8.1 java deserialization remote code execution exploit.

tags | exploit, java, remote, code execution
advisories | CVE-2020-12133
SHA-256 | 0955da08cc537744d5dca5fea06f5e92ca016b5cb01825a79799c4dcb0cf48c1
Air Sender 1.0.2 Arbitrary File Upload
Posted Apr 24, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Air Sender version 1.0.2 for iOS suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
systems | ios
SHA-256 | a14b5d2f646f6165a431ce48859d7864075a081083d1b18d936ddaab47e98f1d
Edimax EW-7438RPn 1.13 Remote Code Execution
Posted Apr 24, 2020
Authored by Besim Altinok

Edimax EW-7438RPn version 1.13 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 509213c937fc32c56ee29c0bc1db6b5c0727a2aa493a45f8fdbcbfc6bcd2ec8d
EspoCRM 5.8.5 Privilege Escalation
Posted Apr 24, 2020
Authored by Besim Altinok

EspoCRM version 5.8.5 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 5b6c8700801dc5ddf2ded85c2e7bdef037b187d0026ed691cd3b75a1841444fe
Linux Password Protected Bindshell Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

272 bytes small Linux/x86_64 null free password protected bindshell shellcode.

tags | shellcode
systems | linux
SHA-256 | 3b354d90a8edf71f759af7fb2d5a48d129b38945626e7de89ff29bd0b2c1fa8f
Linux/x64_86 Egghunter Execve Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

63 bytes small Linux/x64_86 dynamic egghunter shellcode that searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs. The payload is an execve(/bin/bash) shellcode.

tags | shellcode, bash
systems | linux
SHA-256 | c3ff54b357a821a1566c2d7a70204024eb13af4cdf6c240a1725a87696156951
Popcorn Time 6.2 Unquoted Service Path
Posted Apr 24, 2020
Authored by Uriel Yochpaz, Jonatan Schor

Popcorn Time version 6.2 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 5af03f63de881c0d2a07d293d3c853311d6a2303af51a1f304784d2ee91ea066
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close